NYC

esm

Fail

Audited by Socket on Feb 16, 2026

1 alert found:

Malware: HIGH
SKILL.md

[Skill Scanner] Installation of third-party script detected

All findings:
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4]
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]

This skill documentation is coherent: capabilities match the described purpose (protein sequence generation, structure prediction, embeddings) and required credentials (Forge token) are proportional. No direct malicious code or supply-chain credential-harvesting patterns are present in the provided text. Main issues are: (1) operational risk from dual-use biological capabilities (biosafety/ethics) inherent to protein design tools, (2) unsafe example showing inline tokens, (3) use of a URL shortener and a likely typo in install instructions which could be cleaned up. Overall there is low likelihood of embedded malware, but moderate security/operational risk primarily from misuse and poor secret-handling practices.

LLM verification: Overall, the SKILL.md content is coherent with its stated purpose of an AI agent skill for protein modeling. However, several security concerns exist: unpinned pip dependencies and instructions to install from potentially untrusted sources, plus references to token-based Forge usage without explicit secure handling. These patterns are suspicious for a code/material that could be executed in an automation environment. If used as-is, it could enable supply-chain risk or unintended remote code exec

Confidence: 95%
Severity: 90%

Audit Metadata
Analyzed At: Feb 16, 2026, 10:36 AM
Package URL: pkg:socket/skills-sh/microck%2Fordinary-claude-skills%2Fesm%2F@dcd5f094e7a09fb214cc905bc62af3a075d01eb4